Make mbedtls_mpi_exp_mod_unsafe internal

Signed-off-by: Janos Follath <janos.follath@arm.com>
2025-02-10 15:40:30 +00:00 · 2024-08-22 13:00:12 +01:00 · 2024-08-22 13:00:12 +01:00 · 82976f3548
commit 82976f3548
parent 6c2086931d
2 changed files with 10 additions and 33 deletions
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h
@ -879,39 +879,6 @@ int mbedtls_mpi_mod_mpi(mbedtls_mpi *R, const mbedtls_mpi *A,
 int mbedtls_mpi_mod_int(mbedtls_mpi_uint *r, const mbedtls_mpi *A,
                        mbedtls_mpi_sint b);

-/**
- * \brief          Perform a modular exponentiation: X = A^E mod N
- *
- * \warning        This function is not constant time with respect to \p E (the exponent).
- *
- * \param X        The destination MPI. This must point to an initialized MPI.
- *                 This must not alias E or N.
- * \param A        The base of the exponentiation.
- *                 This must point to an initialized MPI.
- * \param E        The exponent MPI. This must point to an initialized MPI.
- * \param N        The base for the modular reduction. This must point to an
- *                 initialized MPI.
- * \param prec_RR  A helper MPI depending solely on \p N which can be used to
- *                 speed-up multiple modular exponentiations for the same value
- *                 of \p N. This may be \c NULL. If it is not \c NULL, it must
- *                 point to an initialized MPI. If it hasn't been used after
- *                 the call to mbedtls_mpi_init(), this function will compute
- *                 the helper value and store it in \p prec_RR for reuse on
- *                 subsequent calls to this function. Otherwise, the function
- *                 will assume that \p prec_RR holds the helper value set by a
- *                 previous call to mbedtls_mpi_exp_mod(), and reuse it.
- *
- * \return         \c 0 if successful.
- * \return         #MBEDTLS_ERR_MPI_ALLOC_FAILED if a memory allocation failed.
- * \return         #MBEDTLS_ERR_MPI_BAD_INPUT_DATA if \c N is negative or
- *                 even, or if \c E is negative.
- * \return         Another negative error code on different kinds of failures.
- *
- */
-int mbedtls_mpi_exp_mod_unsafe(mbedtls_mpi *X, const mbedtls_mpi *A,
-                               const mbedtls_mpi *E, const mbedtls_mpi *N,
-                               mbedtls_mpi *prec_RR);
-
 /**
 * \brief          Perform a modular exponentiation: X = A^E mod N
 *
--- a/library/rsa.c
+++ b/library/rsa.c
@ -1228,6 +1228,16 @@ int mbedtls_rsa_check_pub_priv(const mbedtls_rsa_context *pub,
    return 0;
 }

+/*
+ * This function is identical to mbedtls_mpi_exp_mod() the only difference is that this function is
+ * not constant time.
+ *
+ * WARNING! This function is not constant time.
+ */
+int mbedtls_mpi_exp_mod_unsafe(mbedtls_mpi *X, const mbedtls_mpi *A,
+                               const mbedtls_mpi *E, const mbedtls_mpi *N,
+                               mbedtls_mpi *prec_RR);
+
 /*
 * Do an RSA public key operation
 */